Exam FCSS_EFW_AD-7.6 Topic 4 Question 14 Discussion
Actual exam question for Fortinet's FCSS_EFW_AD-7.6 exam
Question #: 14
Topic #: 4
Question #: 14
Topic #: 4
Refer to the exhibit, which shows the packet capture output of a three-way handshake between FortiGate and FortiManager Cloud.
What two conclusions can you draw from the exhibit? (Choose two.)
What two conclusions can you draw from the exhibit? (Choose two.)
Suggested Answer: A,D Vote an answer
The packet capture output displays a TLS Client Hello message from FortiGate to FortiManager Cloud. This message contains Server Name Indication (SNI), which is used to indicate the domain name that FortiGate is trying to connect to.
FortiGate will receive a certificate that supports multiple domains because FortiManager operates in a cloud computing environment.
FortiManager Cloud hosts multiple customers and domains under a shared infrastructure. The TLS handshake includes SNI (Server Name Indication), which allows FortiManager Cloud to serve multiple certificates based on the requested domain. This means FortiGate will likely receive a multi-domain or wildcard certificate that can be used for multiple customers under FortiManager Cloud.
The wildcard for the domain .fortinet-ca2.support.fortinet.com must be supported by FortiManager Cloud.
The SNI extension contains the domain 9398.support.fortinet-ca2.fortinet.com.
FortiManager Cloud must support wildcard certificates such as *.fortinet-ca2.support.fortinet.com to securely manage multiple subdomains and customers.
This ensures that FortiGate can validate the server certificate without any TLS errors.
FortiGate will receive a certificate that supports multiple domains because FortiManager operates in a cloud computing environment.
FortiManager Cloud hosts multiple customers and domains under a shared infrastructure. The TLS handshake includes SNI (Server Name Indication), which allows FortiManager Cloud to serve multiple certificates based on the requested domain. This means FortiGate will likely receive a multi-domain or wildcard certificate that can be used for multiple customers under FortiManager Cloud.
The wildcard for the domain .fortinet-ca2.support.fortinet.com must be supported by FortiManager Cloud.
The SNI extension contains the domain 9398.support.fortinet-ca2.fortinet.com.
FortiManager Cloud must support wildcard certificates such as *.fortinet-ca2.support.fortinet.com to securely manage multiple subdomains and customers.
This ensures that FortiGate can validate the server certificate without any TLS errors.
by Lillian at Mar 09, 2026, 01:24 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).